Hi I have a centos system on a static ip in South Africa
As of 5 days ago I lost connectivity on HTTP, SSH, and SIP to any international address expect within South Africa.
I did contact the service provider and they told me that there are not blocking any ports and everything seems fine on their side. My server is been colocated on their network.

Here are our diagnostics

1) I can ping from the box to any address using IP and DNS
2) I can ping from an international address to the box using IP and DNS.
3) I CAN NOT access HTTP, SSH, SIP from any clients outside SA.
3b) CAN access all ports within SA.

4)NMAP
[root@localhost ~]# nmap -T5 -sV localhost

Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2011-05-23 18:52 SAST
Interesting ports on localhost.localdomain (127.0.0.1):
Not shown: 1671 closed ports
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 4.3 (protocol 2.0)
80/tcp open http Apache httpd 2.2.3 ((CentOS))
443/tcp open ssl/http Apache httpd 2.2.3 ((CentOS))
787/tcp open status 1 (rpc #100024)

Service Info: OS: Unix

5) route -n
My server IP address is XXX.XXX.XXX.138

Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
XXX.XXX.XXX.136 0.0.0.0 255.255.255.248 U 0 0 0 eth0
0.0.0.0 XXX.XXX.XXX.137 0.0.0.0 UG 0 0 0 eth0


6) IPTABLE --list (when it stoped and used for testing)

iptables --list
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination


7) IPTABLES --list ( when its running )
Chain INPUT (policy ACCEPT)
target prot opt source destination
fail2ban-ASTERISK all -- anywhere anywhere
fail2ban-SSH tcp -- anywhere anywhere tcp dpt:ssh
DROP all -- 173.242.116.18 anywhere

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain fail2ban-ASTERISK (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere

Chain fail2ban-SSH (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere



any help will be greatly appreciated
thanks

Zak

I would do as follows.
1. Presume an international firewall.
2. Make a cool decision are you going to accept it, or go for breaking it (with associated risks).

If the former, end this thread; if the latter, for obvious reasons, end this thread.